Automate the patching of SQL Severs on Windows

dba.stackexchange https://dba.stackexchange.com/questions/182287

Question

We are getting approximately 50-100 lower environments SQL Servers newly build.

We are assigned some basic task of SQL DBA which includes one as patching SQL Servers.

How can this be achieved, specially when we have servers, where only Windows authentication can be used whose password needs to be generated every 24 hours. That makes this look complex or may be something I am expecting too.

Please share your inputs how can we achieve this either via powershell, cmd or any best known approach?

Edit: These boxes are all lower env like DEV/SAT/QA. Some of them have log shipping configured but that too for side reporting , even though not that critical. These are not 365*7 and are generally used during the business EST hours.

Also, we have multiple logins each assigned to a DBA who has sys admin rights on these boxes but that login needs to have a password generated which expires every 24 hours.

Was it helpful?

Solution

While the rotating passwords are a hindrance, they don't negate any approaches available. Kendra Little does a great job of explaining a general approach to patching servers in an automated fashion in this blog post, as well as some of the risks about when server patching goes bad.

Because your servers are not production, these would fall under her "cattle" classification which means that if you can tap into an existing automated toolset such as SCCM/WSUS (as denoted by Alen prior), you should do so. Patches that don't go through may be annoying, but they hopefully won't cause outages that wake you in the night. The rotating password complexity may require you customize this to a degree, and really the best approach there is to automate the process as best you can using PowerShell scripts.

Adam Betram probably has the most robust toolset out there now that I'm aware of in this domain. I would suggest you check it out and see if you can augment it to your needs. Here's a direct link to his GitHub repository for the same toolset.

OTHER TIPS

Have you looked at WSUS for windows updates?

For SQL service packs we usually run them manually after scheduling downtime

Licensed under: CC-BY-SA with attribution
Not affiliated with dba.stackexchange
scroll top